Ensign is hiring!
Key Responsibilities
- Provide engineering support for a SOC environment in areas relating to the Advanced Analytics domain
- Approve junior engineers' requests and assign work to the various junior engineers
- Plan work activities for engineering team and provide engineering support
- Plan, test and deploy patches for SOC systems
- Work with DevOps and SOC team to plan for developmental work
- Manage lifecycle of security log sources, including onboarding, modifying and decommissioning of log sources
- Perform data engineering (extract, transform, load) for security monitoring
- Work with SOC team to plan and deploy new features and changes to the SOC environment
- Approve and review technical documentation for SOC environment
- Stand-by support after office hours for support issues
- Perform troubleshooting of issues in relation to SOC technologies within the SOC environment
- Monitor service levels of issues and manage and escalate issues to Subject Matter Experts when necessary
Qualifications
- Diploma or Bachelor’s Degree in Information Technology
- Working experience with qualification in IBM QRadar, Splunk or equivalent
- 2-3 years of experience in SOC technologies such as SIEM, SOAR or TIP
- Knowledge of SIEM products from vendors such as CrowdStrike, Google, IBM, Microsoft and Cisco is preferred
- Good knowledge of Linux and network fundamentals
- Regular expression knowledge is required
- Knowledge of scripting languages such as Python, PowerShell and Bash will be an advantage
- Good communication and writing skills
- Positive working attitude
- Passionate about information security